So much for "overhauling its security processes" like Nadella sent out in a memo just a month ago.
> If you’re faced with the tradeoff between security and another priority, your answer is clear: Do security. In some cases, this will mean prioritizing security above other things we do, such as releasing new features or providing ongoing support for legacy systems. This is key to advancing both our platform quality and capability such that we can protect the digital estates of our customers and build a safer world for all.
>So much for "overhauling its security processes" like Nadella sent out in a memo just a month ago.
That could be orthogonal for a company as large and diverse as Microsoft for both to be true at the same time. Like certain more enterprise facing products like the windows kernel or Azure could be very secure, while others like these user facing Windows features, very un-secure.
In general I noticed that most new tools and consumer facing features dropping on Windows 11 are of terrible quality, as if they were written by some web-dev interns rather than engineers experienced in Windows programming.
Both can be true. That Nadella says 'do security' while also taking time for that mandate to filter through an org the size of MS. It doesn't excuse this existing issue, but hopefully signals future change.
But this is not like in the 1600s, when laws took weeks or months to reach to the outskirts of the empire. The memo is literally public and has been in the news, so I don't see how there could be parts of the org that this has not filtered through yet.
Maybe if there's parts of the org that need to get all their mandates through MS Teams, I could see how that introduces unreasonable delays.
“Take a screenshot every few seconds, run OCR on it, and dump all the text into a SQLite database” honestly sounds like a machine learning intern wrote a keylogger in their coffee break. Hilarious that it’s a real Microsoft feature they proudly advertised.
Yes, it is very easy. I wrote something similar back in 2020 iirc. It only took a few hours. The idea was to have an app that you dumped all your work pdfs into to make them searchable within. It would pull the text and then you could search by keywords and open the pdf at the associated page number. For PDFs that were scanned in from paper, I had to use tesseract OCR. I didn't pursue it further at the time, because the quality of output with OCR was often poor. The OCR would produce large chunks of gibberish mixed into the output text. Now one could do much better. Incorporating the tokenizing for RAG with the OCR output would probably improve the quality drastically, as the small tokens produced during tokenizing would help "filter out" much of the OCR produced gibberish while preserving much more of the actual text and contextual/semantic meaning.
It seems like the product team went unchecked on this one. I don’t want to infer too much about Microsoft as a whole but my trust in them just dropped.
Actually Balmer cared much more about Windows than Satya, as long Azure, Office and Games are printing money, nothing else matters.
Hence why the Windows development experience has went downhill since he took over.
We might have a Microsoft <3 Linux, with a ton of FOSS products being on Microsoft's accounting list, however Windows is a shade of itself versus "Developers, Developers, Developers" days.
Recent example, Microsoft Photos team proudly presents their UWP to Windows APP SDK migration,
That's fair, I guess. I thought XP was shockingly horrible in many ways and Vista was kind of a disaster also, but at the same time that was also partly the result of forcing in security features and there was no way that wasn't going to be a painful process while developers and users adapted. And Windows 7 came out on his watch as well, so very fair point.
Back in my early days doing iOS, I worked for a travel company. The web team at one point used IBM TeaLeaf (I'm not sure what it does today), which took screenshots of the web app's web pages and sent them to the company so they could see what appeared on them (with some obfuscation of sensitive fields). It seemed rather sketchy to me, but they did discover that for years, people with odd letters in their names had never been able to book a hotel. Of course, it appeared as an exception in the log file, but no one ever looked...
Microsoft's complete lack of any security consciousness is genuinely scary. They control so much of the world's personal and enterprise computing it's not even funny.
A random selection of serious security incidents from Azure:
just from Wiz from the past 2-3 years, and of course they aren't the only ones:
I find it impossible to believe that Azure as a whole organisation takes security seriously. There might be individuals that do, but definitely nobody with decision making power. Half of the above described exploits are trivial and should have never passed any sort of competent review process.
> Microsoft's complete lack of any security consciousness is genuinely scary. They control so much of the world's personal and enterprise computing it's not even funny.
So this is funny in a way, because MS had such a terrible and mostly deserved security reputation with Windows...and then they really cleaned and tightened it up. Windows had and continues to have one of the best OS security architectures, and is certainly the best out of all consumer operating systems.
But with the cloud stuff and embarrassing gaffs like this, what the hell happened? New managers and a lot of employee turnover, I guess?
Yes, on the WinUI community calls it is quite visible, when the community asks about when is feature XYZ from Windows Forms/WPF comming into WinUI, and it is quite clear by some reactions that they don't have any idea about the said feature, and how behind WinUI is to them.
Bonus points that it's been found that during Out of Box Setup you don't even get to say no. You get "continue", "learn more", and "open Settings after setup to turn off".
This is the most disgusting consent violation I've ever seen out of Microsoft.
Really? There's so much stuff for Microsoft's own benefit you can't turn off at all with modern windows, telemetry being the big one. Also setting up Windows 11 without an online account requires jumping through a lot of hoops. This is about the level of consent violation I expect from them. Disappointing but not surprising.
For those who want to try out Recall as a tool but do not trust Windows (or have the specialised hardware required to run), there already is an open source alternative that covers the basics: https://github.com/openrecall/openrecall
If the main security complaint (at the moment) is that the locally-stored data is easily accessible to an attacker, how does openrecall solve that? Wouldn’t its db be as vulnerable?
It seems they are at least aware of this, as their repo page says, "Privacy-focused: Your data is stored locally on your device, and you have the option (soon to be implemented) to encrypt it with a password for added security. No cloud integration is required." So, it appears they haven't implemented security yet, but plan to.
Yeah, as long as the data is encrypted that should solve the stolen or lost concern. Wouldn't want my entire history searchable to a malicious party, what a nightmare.
thankfully it seems like this feature won't be rolled out to existing non-arm/copilot PCs (though who knows). already migrated my PC to linux, my current laptop is a macbook. my partner's next laptop will likely be a macbook, too.
I'm half convinced that Microsoft puts all of their best employees in Azure and cloud products while poor performers are dumped in the legacy Windows group where they come up with "features" like this one. Seems like everything they've been doing the past decade with legacy Windows is ruled by "users are too dumb to know what they want but we're even dumber". As Windows becomes a smaller and smaller share of Microsoft's revenues, expect to see more of the bottom cruft dumped into it. Or to put it another way, Windows is Microsoft's new PIP before they fire you.
On the other hand, they just laid off a couple hundred from Azure, so maybe the above isn't quite right or there just isn't enough room in the Windows group for those who fail to perform at the expected level doing Azure, so they were laid off directly.
TFA says it's encrypted at rest, with Bitlocker. When running, the data is accessible only to the SYSTEM user. That's exactly how I'd expect to implement this on Windows, I'm not sure what else you could do while offering the features it does.
The insecurity stems from the concept of Recall, not its implementation.
The main threat is from malware that compromises SYSTEM, or whatever user interface is offered onto Recall.
There's a second-order threat too - Microsoft changing their privacy policy in 1,2,3 years and feeding it to their AI models & 2317 advertising partners. Sure there'll be an opt-out - a paper form in a basement filing cabinet, with a sign saying "beware of the leopard" etc.
There's just no secure way of implementing a feature that collects and stores an enormous amount of new personal data.
I feel what we're all saying is that the security risks of amassing all this data are very unlikely to offset the small benefit of being able to remember something you did last week.
Given that the benefits are few, there's no better time to shout it down.
But long term, Recall is platform that MS will build on, offer more access to, synchronise, offer to 3rd parties. Imagine your insurance company demanding access, or potential employer?
It'll be a scary "new normal" when your computer OS records everything you do, as standard, and everyone else expects that to be the case.
> I feel what we're all saying is that the security risks of amassing all this data are very unlikely to offset the small benefit of being able to remember something you did last week.
Oh, I agree. It's the rational observation and conclusion. But this feature isn't for us.
It's for the average non-technical computer user, and ostensibly they do want this feature, the downsides be damned.
> It'll be a scary "new normal" when your computer OS records everything you do, as standard, and everyone else expects that to be the case.
That is scary and not even something I had considered, since trying to criminalize E@EE gets all the press these days.
It's possible one day that all these computers from the last few decades may end up being very valuable given they are all unlocked and future ones may not be.
That's like calling most disk encryption "unencrypted": When you decrypt on boot or with veracrypt, the files become accessible to all running processes that can access disks.
Based on the article, it is encrypted, but you can access it without manually decrypting it on every access.
HN tends to be highly skeptical of “if you don’t have anything to hide, you wouldn’t mind the lack of privacy” arguments.
I personally see a future where employers mandate the use of Recall and will audit employees’ activity for “compliance” purposes, to quash dissent, etc. I don’t like this future. (Employers already have the legal right to do this, but the implementation is neither commonly available nor commonly accepted, so Recall may nudge the needle on societal acceptance.)
In this future, you’d be stopped at the border and asked to hand over your Recall data and sanctioned based on political articles you read etc etc, imagine whatever slippery slope you like here.
You know the thing about medical headlines where it turns out you can broadly tack “in mice” on the end to get a truer version? For statements like this you can usually add “in the US” and come away a little wiser. This is absolutely not the case everywhere else.
So still relevant to, at a minimum, almost 350 million people? More likely it will actually work out to (total world population - amount of people covered by GDPR or the very few existing laws like it). Like I get that the EU has a cool privacy law but sitting in your ivory tower chortling at the dumb Americans doesn’t negate the fact that Microsoft is building this giant invasion of privacy in the first place.
Not entirely sure that Recall won't essentially sidestep most of the protections of the EU privacy laws by touting that the data is stored locally and so it is "yours". Never mind that this basically provides a huge incentive for bad actors to get "your" data however they can. Microsoft will have done all the work of gathering it for them in one easy target.
> HN tends to be highly skeptical of “if you don’t have anything to hide, you wouldn’t mind the lack of privacy” arguments.
Well, those arguments flip the narrative. No one has to justify their privacy; invasion of privacy needs to be justified - and, when warranted, scope needs to be enforced.
In case anyone needs an analogue: when paying, you don't give the seller access to all of your money. They justify a particular amount and if you agree, they get the right to only that.
With money, we tend to call folks who take more than warranted "robbers" or "thieves". I think society would be in a better state of we viewed invasion of privacy as negatively.
There's no panic; people just aren't accepting the lack of security and privacy being presented.
If this is tame compared to a few years from now, then the path we travel to get there will be lined with these types of implementations. Now is the time to push back before it gets to that point.
As for the freaky stuff I do: talking to friends, family, coworkers, banking and financial transactions. I don't use it, but online healthcare is becoming more and more prevalent. I search for things that are of interest and impact to me and my family.
Careful you don't take the echo chamber for the world.
Reality is most people don't care about digital privacy, and more over do care about getting to recall (pun intended) what they were doing at an earlier time.
Both the benefits and concerns are real, we shall see if the furor in a small corner of the tech world is representative of anything in the wider world at large.
Is a drop in trust only the result of panic though? It seems reasonable for someone who generally trusts Microsoft's privacy protections to lose trust when Microsoft is seriously considering products that are already showing serious privacy concerns.
> Guys, this product has not yet been released. The level of panic for this product is at a level I haven't seen in years.
It's not panic, it's feedback and pushback. If we didn't have people doing this research, and trying out the not-released software to find these issues, we'd very likely be panicking when it was released and being forced on us.
It just clicked in my brain. What I haven't been able to articulate about why I'm so anxious about #Windows Recall. I'm sure others have already gotten to where I am.
It's worse than "a system that tracks everything you do" and stores that info in a basic database that could be easily compromised.
It's worse than a nanny surveillance tool for companies to spy on their employees.
It's inescapable.
It doesn't matter if I make a dozen "how to disable recall" tutorials. The second YOUR data shows up on someone ELSE'S screen, it's in THEIR recall database.
It won't matter if you're a master #security expert specialist. You can't account for EVERY other computer you've ever interacted with. If a family member looks up an old email with your personal data in it, your data is now at risk.
If THEIR system is compromised YOUR data is at risk.
I just went from "vague feeling of unease" to "actively writing templates to canvas elected officials, regulators, and attorneys general."
No need to even get that far away from western countries. For example: insult the royal family of Spain and you might be doing something illegal. There are plenty of western countries where freedom of speech is limited too: https://www.politico.eu/article/european-countries-where-ins...
What you say and do in private with your friends might be in line with the current political climate, so you feel safe. However, as the reach extends and the capability for storing a detailed history of your computer use increases, you are then vulnerable to political winds shifting and some other tyrannical oligarch finding something you wrote ten years ago to a friend in a private conversation and now you are called into a kangaroo court and summarily sent to a labor camp.
If you think this is implausible or paranoid, I would recommend reading more history of the 20th Century in totalitarian regimes.
On the very real but extreme end of things the russians are abducting people in Ukraine for nothing more than an insulting text/comment/meme found on their phones or intercepted.
As for not having anything to hide would you mind providing your last 10 banking transactions? Details on your last 5 sexual partners? Porn viewing habits? Medical information? You're deepest thoughts and fears?
And of course there is always the fact that right now you may be doing something seemingly harmless that due to future circumstances you will need to hide.
Health, finance and security related activity (a period spreadsheet in Excel, or visiting some wallstreet subreddit) may become relevant to some insurance and may become a reason to refuse you treatment or indemnification. Or it can be used to for id theft. Other activities may be supportive of a charge brought against you.
- "Did or did you not visit coldbloodedmurder.com on the night of 7/5/2026? Answer the question with yes or no."
- "But that's just a ..."
- "Yes or no!"
There's too much harm that can be done with all that information.
>Also, what the hell are y'all doing on your computers that is so freaky anyway?
are you doing anything freaky at home? are you molesting children, synthesizing drugs, assembling IEDs, expressing forbidden opinions, thinking forbidden thoughts?
no? then surely you won't mind a few cameras installed in every room - we promise to share the footage only with our trusted partners, advertisers and every intelligence agency under the sun.
My employer does not want my laptop storing screenshots of everything I do any more than I do. Kevin is doing a huge favor to General Counsels everywhere with this work.
what's your address? what's your salary? how much do you have in savings? where can I download your browsing history? income tax forms? do you have kids and if so, where do they go to school?
It’s not about ‘privacy’ or having anything to hide, it is about the fact that some company wants to take control of you and letting people own you.
Recall is essentially the same as recording what you can see with your own eyeballs and what you are thinking and doing when you are on your system.
In a couple of updates, Microsoft will likely be able to recall data on any screen anywhere… you make a call to your insurance company, Recall will know all of the same info that the insurance agent can see from their screen.
You visit your therapist, then after you leave they write up notes on their Windows computer with Recall then somehow your insurance rates go up the next month.
When I was a scoundrel hacker in the 2000’s (I am not proud of it), the first thing I’d do is install keyloggers and screen grabbers - and let me tell you, although I never did anything with the data I can tell you categorically that it would have been pretty bad for these people had I doxxed the content. These people were probably the same kinds of people who would argue your kind of point, but it’s only because they haven’t thought about it enough to fully realise the damage that can be done.
Now when hackers break into a system, they will be able to grab that recall. Partners will be able to do it. Trolls will be able to.
Just like the power trip I was on, Microsoft are also on a power trip, except they go all in and have the backing of the NSA. They do not care about your privacy, they just want control/power/dominance and money.
Doxxing is about to hit the big time with this. Soon enough, you’ll find more than just a celebs full recall on a the darkweb you’ll have your friends and family looking over your own recall history when it gets leaked from some other massive malware scam.
File cryptor ransomware will soon be called Recall ransomware.
I think you are a psychopath if you don’t think long and hard on moving away from Microsoft inmediately.
> If you’re faced with the tradeoff between security and another priority, your answer is clear: Do security. In some cases, this will mean prioritizing security above other things we do, such as releasing new features or providing ongoing support for legacy systems. This is key to advancing both our platform quality and capability such that we can protect the digital estates of our customers and build a safer world for all.
https://www.theverge.com/24148033/satya-nadella-microsoft-se...